Expand my Community achievements bar.

Elevate your expertise and be recognized as a true influencer! Nominations for the exclusive Adobe Community Advisor program 2023 are now OPEN.
Apply Now!!

GraniteSslConnectorFactory AEM 6.3

Avatar

Level 5
Level 5
‎17-01-2018 03:31 PST

Hi All,

need some info on  com.adobe.granite.jetty.ssl.internal.GraniteSslConnectorFactory??

has any one got this "Bleichenbacher Oracle (ROBOT) Vulnerability ", If yes then how does this effect AEM??

The fix we got is to disable any ciphers that begin with TLS_RSA on all the instances.

I see by default we get four cipher entries starting with TLS_RSA*, disabling it an better idea.

Thanks,

Vikii

Views

2.4K

Replies

4

Sign in to like this content

Total Likes

Translate
Translate
4 Replies

Avatar

Employee Advisor
Employee Advisor
‎31-01-2018 23:59 PST

If it's security related, I would recommend to raise a ticket with Adobe support and let it confirm.

This vulnerability is related to a TLS cipher which is vulnerable. You can enable or disable specifc cipher suites in the OSGI config of Jetty (see the fields "Included cipher suites" and "Excluded cipher suites"). You should be able to disable the affected cipher suite here.

Jörg

Views

2.1K

Replies

2

Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 5
Level 5
‎01-02-2018 18:21 PST
In response to Jörg_Hoh

Hi Jorg,

We have disabled  all the cipher sites starting with TLS_RSA*.

I have two questions here.

1, What are this cipher suites?

2, Disabling TLS_RSA*, will this effect anything?

Thanks,

viki

Views

2.1K

Replies

1

Sign in to like this content

Total Likes

Translate
Translate

Avatar

Employee Advisor
Employee Advisor
‎02-02-2018 00:50 PST
In response to Mahesh_Vikram

This is not specific for AEM and not even specific for Java, but a very broad concept. Check wikipedia for it[1].

[1] Cipher suite - Wikipedia

Views

2.1K

Replies

0

Sign in to like this content

Total Likes

Translate
Translate